Should I start Security+?

/usr

I really want to, but I have to say that from what I've heard on here, I'm somewhat reluctant. I don't want to spend the money on material to study, then money to take the exam, only to fail. My question is, even though it is hard, do you think it's possible to pass with sufficient studying, or should I try for another exam such as CCNA or Server+?

janmike

OK, my opinion.

Server+ will test you on advance hardware subjects and concentrates on servers, RAID, SCSI, storage methods, physical and logical security, and redundant methods of data protection. It also tests on some Server OSs.
It was a tough test for me even after studying and labing for 4-1/2 months. It's almost all troubleshooting or problem solving scenario questions.

I would like to do Security+, but I believe that I need a good solid background in systems and, consequently, I'm working on some of the certs that lead to Microsoft Certifed System Administrator(MCSA).

It's my understanding that CCNA is a no-walk-in-the-park sort of cert and I think it requires more than one exam to complete.

I think that you will get a lot of good background for security if you take Server+(again, it's not easy), but, IMHO, a good background in overall system admin will help even more.

Best of luck on your decision.

RussS

I think janmike has put this rather succinctly.

The biggest thing about Sec+ is that not only should one have read up and studied for the exam, but also that you are very familiar with the various tools and methods for hardening and cracking systems. This means a reasonable amount of hands on experience.

/usr

The hands on experience is something that, unfortuntely, will be nearly impossible to get. It seems that any route I take now will be significantly harder than the A+ and Network+ exams. Basically what you're saying is that Security+ will be very difficult if I haven't had hands on experience, even if I do take get material from multiple sources? I'm interested is basically all things Networking, so the Server+ interests me, just not as much as Security+. By the way, I'm not too crazy about the troubleshooting questions, but that's just part of the territory. My Network+ exam was full of them, but I think I did fairly well with an 806/900. One more question. Do you think that after Server+, I would be safe to begin Security+, provided I spent a sufficient amount of time studying?

janmike

I suggest that you do a little skimming to get your thoughts lined up a bit better.

Right now, Sec+ exam guides aren't very popular, so you can pick one up second-hand pretty cheap at

http://half.ebay.com/search/search.jsp?nthTime=2&product=books&query=Server%2B&x=3&y=15

Get one and do a quick read through it. All-In-One is thorough but it can become boring, and I like the one by Elton Jernigan.

Then go to

http://www.alphageekproductions.com/

and download the free PDF by Tcat. It was published as beta when the Sec+ exam first came out. Read through this and compare to your present knowledge. Tcat also has a guide that you can download for a few bucks which is supposed to be up to date.

Also get a copy of the exam objectives for Server+ and Security+ from the CompTIA site. See how your knowledge compares with the exam objectives.

You're the one who has to decide. I have passed Server+(barely) but I think that with the broad knowledge base that I have from my 3 certs, it's still too narrow. It may not be too narrow to start studies for Sec+ but I feel that if I'm going to work in these areas I've also got to get some practice--at least network my own PCs together and do my own labs at home and actually work with some OSs. Then, I can hack them to pieces and try to fix 'em!! That's one way to learn.

Hope this helps.

/usr

I'm going for Security+. The stuff is just too interesting to pass up. I'll pass the test, it may take me a couple tries if it's as difficult as everyone says, but I'll pass it. Thanks to all who offered advice. I'm sure I'll be asking more questions as the time draws closer for me to take this exam.

RussS

After reading your earlier post with the comment

By the way, I'm not too crazy about the troubleshooting questions

I think that perhaps Security is not an area that you would not perhaps enjoy. In fact I would suggest that you actually sit down and ask yourself why you want to be in the IT industry. If your answer is for the money then perhaps you need to re-evaluate as most IT guys I know could earn more in other areas, but enjoy the challenge of what they are doing.
The challenge? .... TROUBLESHOOTING.
I say this not to put you down or to disillusion you, but to advise that the realities of life in this field is that most of what we do is troubleshooting.

If you decide to go ahead with Sec+ you should realise that it is significantly more difficult than A+, Net+ or even Server+. I would also disagree with janmike on one point, and that is the Tcat pdf. The free pdf is interesting, however the full paid version is actually a very valuable study resource for this exam. Also note that until the 10th of January there is a totally awesome 700 question exam sim free with this guide.

Do not skimp on study materials as the cost of retaking the exam is far greater than a few extra resources.

For hands-on experience you can get away with just a couple machines and be able to play with assorted intrusion or defence tools. This experience is very valuable as it allows you to understand how these things work.

tokhss

well said..

we geeks, nerd, dorks love our systems and when they go down.. we wanna hit smack the computer upside the head, but at the same time, intrigued to solve the problem at a cost not worth to many.. we wont sleep till its fixed. atleast thats how i am.

/usr

Let me rephrase what I said. I dislike the troubleshooting questions I've encountered on the exam, because often times there is more than one correct answer. In real life scenarios, I love troubleshooting. There's really nothing that intrigues me more, as there's no better feeling than fixing a problem that someone needs fixed, yet can't figure out.

/usr

By the way, I plan on getting the paid version of the Tcat pdf file. I've downloaded the free one, but will be getting the paid one. Possibly later today. I also ordered the All-In-One Security+ book. I used All-In-One for both A+ and Net+ and found them very good study tools, so I decided to stay with the same series. Any other resources I should check out?

pandimus

Of course get yourself a good testing software, like transcenders. I didnt use those too much on my A+ and Net+, but helped tons, on my microsoft certs.